Housing Finance Bank was incorporated as a private company under the
Companies Act in December 1967, the Bank has become a household name and has
grown in leaps and bounds with a good track record among the pioneers of a
mortgage lending. National Housing & Construction Corporation, a parastatal
involved in real estate business has 5% shareholding and National Social
Security Fund (NSSF) holds 50% and the Government of Uganda holds 45%. Today,
the bank looks back with pride on the business accomplished in the mortgage
lending business. Through innovation and placing emphasis on Honesty,
Integrity, Efficiency and Customer care, Housing Finance Bank is the leader in
the mortgage, holding a 90% market share.

Job Summary: The Manager
Information Technology Risk will develop and monitor the implementation of
independent IT risk assessment and report findings in line with regulatory
requirements and the Bank’s policies and procedures

Key Duties and
Responsibilities:

·Carry out Information System risk assessments in
line with HFB security policies, regulatory requirements and adherence to best
practices.

·Conduct security risk assessments for new and
existing systems, applications and programs to identify weaknesses or security
exposures and prescribe solutions to mitigate the risks Perform reviews and
security assessments of areas such as operating systems, database management
systems, firewalls, intrusion detection systems, and web based applications.

·The incumbent will also identify and evaluate
business technology risks, internal controls which mitigate risks, and related
opportunities for internal control improvement.

·Provide technical guidance over the general
activities and concerns of the Bank’s information technology function including:
governance, policy, control design, general operational effectiveness and
internal controls.

·Develop and maintain an IT risk Register.

·Monitor and track IT risk events (Maintain IT
Incident log) in line with the Bank’s policies and procedures.

·Regularly monitor and track issues and
associated actions plans to closure. Identification and analysis of emerging IT
risks.

·Pursuing or completed Certification in Risk and
Information Systems Control (CRISC) or Certified Information Systems Auditor
(CISA), or other risk related certification.

·At least four years’ experience in information
systems within a governance or risk culture

·Proven success in a role that emphasizes the
following: IT Risk Management, Governance and / or Technical Privacy

·Broad knowledge in IT infrastructure,
application development / SDLC and / or information security

·Strong project management skillset

·Industry experience in financial services
preferred

·Ability to effectively manage multiple competing
priorities

·Team orientation

·Keen attention to detail

·Excellent communication skills

How to Apply:

All candidates who wish to join the Banking sector are invited to send
their applications including an updated CV, certified copies of all academic
transcripts, certificates and testimonials, daytime telephone contact, and
email address of both applicant, and three competent referees addressed to: